Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/kTzhk0TpfpEk1g9i8oKWx7YZCgI.roa
File: kTzhk0TpfpEk1g9i8oKWx7YZCgI.roa (raw, json)
Hash identifier: swU5vKoswjwSUVjAyEhRBgv1KXHBOxGEeyYU67jeVLc=
Subject key identifier: 91:3C:E1:93:44:E9:7E:91:24:D6:0F:62:F2:82:96:C7:B6:19:0A:02
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0AFE
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/kTzhk0TpfpEk1g9i8oKWx7YZCgI.roa
Signing time: Thu 16 Dec 2021 06:39:27 +0000
ROA not before: Thu 16 Dec 2021 06:39:27 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 121.254.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2814 (0xafe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:39:27 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=913CE19344E97E9124D60F62F28296C7B6190A02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:ee:b3:5a:74:62:d3:70:7e:84:ad:61:32:
3a:a0:00:d3:c0:e7:51:1a:e8:70:2d:f6:0f:0b:bb:
30:96:6c:cb:34:32:e0:0b:8d:eb:67:54:e8:bf:81:
f8:cd:1d:3a:11:02:e0:f3:fe:4a:bd:b3:7c:73:5a:
c0:61:85:53:54:f0:47:9d:77:32:ed:6b:27:fe:b7:
f7:d2:98:89:5b:79:c5:7f:02:d7:ad:0e:e7:96:4b:
f7:39:f2:50:22:53:23:01:80:ff:2c:e3:cf:07:64:
4c:95:0f:e2:7c:3f:4a:08:d2:65:1d:90:68:83:1a:
92:bc:a7:a7:f5:ac:58:0d:19:a0:e2:da:cc:4c:e1:
ac:1a:cd:a3:92:8c:20:94:3b:58:8e:f3:81:27:c9:
d4:bb:88:63:61:94:b4:ca:fb:5c:9b:d4:0a:b6:c1:
a1:67:20:df:e6:99:d6:6c:34:be:f9:cc:0c:0e:4f:
ae:4b:64:fe:f1:38:07:df:da:b6:05:2f:8a:54:e7:
af:d6:f5:0d:bd:14:f6:ea:e2:9d:bf:bf:0e:3a:96:
a5:b7:4c:21:c5:85:e5:09:16:51:0d:30:97:b6:83:
ab:69:54:8d:fb:d1:34:9f:83:11:16:71:fc:45:92:
4a:53:dc:be:3c:ad:d9:40:e4:89:85:4a:1b:c8:fa:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3C:E1:93:44:E9:7E:91:24:D6:0F:62:F2:82:96:C7:B6:19:0A:02
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/kTzhk0TpfpEk1g9i8oKWx7YZCgI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.88.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:fb:fd:c2:79:5b:ea:c7:07:c0:82:90:77:54:62:3b:3f:21:
e7:57:4e:62:dc:e6:d0:2b:14:65:91:a0:72:20:39:75:84:bb:
1c:df:16:1b:73:35:62:34:82:0c:0a:76:9d:97:5d:f8:a9:f3:
2a:8a:6c:f7:b7:bd:2c:c6:dc:31:88:50:72:68:99:47:52:2e:
51:f7:8d:90:8c:97:92:c7:53:31:7b:93:fa:62:b6:4f:1f:fa:
b6:eb:b8:df:0e:04:24:fd:c6:ea:40:61:67:d1:f7:9a:c4:01:
b7:e5:67:09:a6:69:cd:d5:26:e5:05:fc:60:f3:d2:58:81:5a:
8e:5d:12:d8:94:f8:76:3f:90:cd:cb:5e:2a:df:6d:84:18:6e:
80:a3:cc:73:2b:10:63:87:b1:05:36:87:42:68:5c:a2:4b:ec:
34:c0:17:b1:ff:03:da:ca:1f:1c:35:ba:83:b0:6b:a1:55:72:
c8:2d:f6:cb:8e:0a:ec:f0:9f:5a:83:c8:97:8b:db:54:90:92:
e8:d0:1f:77:ca:6c:40:26:bb:98:d9:6e:89:28:88:fb:7b:f1:
dd:55:03:e3:ed:1e:1e:47:58:da:2b:92:79:21:e6:96:b0:67:
fb:5f:2c:3e:12:73:08:4a:74:f5:01:65:69:9b:53:20:19:1b:
e3:aa:64:3f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjM5MjdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDkxM0NFMTkzNDRFOTdF
OTEyNEQ2MEY2MkYyODI5NkM3QjYxOTBBMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFde6zWnRi03B+hK1hMjqgANPA51Ea6HAt9g8LuzCWbMs0MuAL
jetnVOi/gfjNHToRAuDz/kq9s3xzWsBhhVNU8EeddzLtayf+t/fSmIlbecV/Atet
DueWS/c58lAiUyMBgP8s488HZEyVD+J8P0oI0mUdkGiDGpK8p6f1rFgNGaDi2sxM
4awazaOSjCCUO1iO84EnydS7iGNhlLTK+1yb1Aq2waFnIN/mmdZsNL75zAwOT65L
ZP7xOAff2rYFL4pU56/W9Q29FPbq4p2/vw46lqW3TCHFheUJFlENMJe2g6tpVI37
0TSfgxEWcfxFkkpT3L48rdlA5ImFShvI+g63AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkTzhk0TpfpEk1g9i8oKWx7YZCgIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgva1R6aGswVHBmcEVrMWc5aThvS1d4
N1laQ2dJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+WDAN
BgkqhkiG9w0BAQsFAAOCAQEAG/v9wnlb6scHwIKQd1RiOz8h51dOYtzm0CsUZZGg
ciA5dYS7HN8WG3M1YjSCDAp2nZdd+KnzKops97e9LMbcMYhQcmiZR1IuUfeNkIyX
ksdTMXuT+mK2Tx/6tuu43w4EJP3G6kBhZ9H3msQBt+VnCaZpzdUm5QX8YPPSWIFa
jl0S2JT4dj+QzcteKt9thBhugKPMcysQY4exBTaHQmhcokvsNMAXsf8D2sofHDW6
g7BroVVyyC32y44K7PCfWoPIl4vbVJCS6NAfd8psQCa7mNluiSiI+3vx3VUD4+0e
HkdY2iuSeSHmlrBn+18sPhJzCEp09QFlaZtTIBkb46pkPw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:53 2023 by rpki-client on console-ams.rpki-client.org